Most computer communications over a distributed data network occur via point-to-point connections. Some applications use multicast or broadcast techniques, but in general, communications involve just two entities (often programs). Communicating parties must agree on a protocol: a sequence of messages and responses that permit the parties to reliably exchange data or commands. If one party attempts to use a different protocol, communication may fail. (Some protocols are self-documenting, so that a party that does not understand every message can nonetheless locate the message boundaries and ignore an unknown message. However, if the ignored message is critical to the parties' interaction, the interaction will still fail.)
Changes to protocols can be difficult to make because of the practical requirement that parties speak the same “language.” When there is a large installed base of either clients or servers (or both), an upgraded protocol must either be backwards-compatible, or implementers must tolerate failed communication attempts until all of the clients and servers use the new protocol. Another circumstance that can impede deployment of an improved protocol is the unavailability of essential software source code, functional libraries or development tools. For example, consider the problem of adding authentication and/or encryption to a client-server interaction protocol that presently uses an ordinary Transmission Control Protocol (“TCP”) connection. The Secure Sockets Layer (“SSL”) provides a rich set of functions to perform authentication and encryption, but those functions cannot simply be “dropped in” by changing a shared object or dynamically-linked library (“DLL”). Instead, the server and client must be modified at least slightly (so the source code of each must be available), and the appropriate SSL libraries must be obtained. Source code is sometimes unavailable (or is only available at significant cost or under onerous conditions); and SSL libraries for some systems may likewise be unavailable or expensive. In general, the cost of modifying a software system to use SSL may be out of proportion to the value of such modification. In such cases, an alternate means of adding certain security-related features to a data communication protocol may be preferred.